urlscan.io logo urlscan.io
SecurityTrails logo

www.primeres.com Open in urlscan Pro
2606:4700:20::681a:6f1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.georgebranigan.com/
Effective URL: https://www.primeres.com/gbranigan
Submission: On July 31 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 2 countries across 14 domains to perform 63 HTTP transactions. The main IP is 2606:4700:20::681a:6f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.primeres.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2024. Valid for: 5 months.
This is the only time www.primeres.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
www.georgebranigan.com
21    2606:4700:20::681a:6f1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.primeres.com
1    2600:9000:2509:fc00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    2607:f8b0:4004:c21::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.253.122.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f104.1e100.net
www.google.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.67.65.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-80.iad89.r.cloudfront.net
consent.api.osano.com
1    18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net
static.hotjar.com
1    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.net
3    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    99.84.191.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-14.iad89.r.cloudfront.net
accessibilityserver.org
9    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 _, GB)
cdn.userway.org
1    99.84.191.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-41.iad89.r.cloudfront.net
script.hotjar.com
1    172.253.122.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f99.1e100.net
www.google.com
1    142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net
www.googletagmanager.com
3    2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:1f14:5db:eb22:6e05:a00:46e2:352d (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
1    18.160.46.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-82.iad55.r.cloudfront.net
vc.hotjar.io
2    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 _, GB)
cdn77.api.userway.org
Apex Domain
Subdomains		 Transfer
21 primeres.com
www.primeres.com
218 KB
14 userway.org
cdn.userway.org — Cisco Umbrella Rank: 6941
api.userway.org — Cisco Umbrella Rank: 6788
cdn77.api.userway.org — Cisco Umbrella Rank: 11499
159 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
280 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
163 KB
3 osano.com
cmp.osano.com — Cisco Umbrella Rank: 7730
consent.api.osano.com — Cisco Umbrella Rank: 13823
62 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
82 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
989 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
32 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
232 B
1 accessibilityserver.org
accessibilityserver.org — Cisco Umbrella Rank: 59470
2 KB
1 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 22069
1 georgebranigan.com
www.georgebranigan.com
311 B
63 14
Domain Requested by
21 www.primeres.com 1 redirects www.primeres.com
9 cdn.userway.org cmp.osano.com
cdn.userway.org
www.primeres.com
3 api.userway.org cdn.userway.org
3 www.google-analytics.com cmp.osano.com
www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com www.primeres.com
cmp.osano.com
2 cdn77.api.userway.org cdn.userway.org
2 consent.api.osano.com cmp.osano.com
2 cdnjs.cloudflare.com www.primeres.com
cdnjs.cloudflare.com
2 www.google.com www.primeres.com
cmp.osano.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com cmp.osano.com
1 accessibilityserver.org cmp.osano.com
1 fast.wistia.net www.primeres.com
1 www.gstatic.com cmp.osano.com
1 static.hotjar.com cmp.osano.com
1 fonts.googleapis.com www.primeres.com
1 ajax.googleapis.com www.primeres.com
1 cmp.osano.com www.primeres.com
1 www.georgebranigan.com 1 redirects
63 20

This site contains links to these domains. Also see Links.

Domain
myloan.primeres.com
Subject Issuer Validity Valid
primeres.com
Cloudflare Inc ECC CA-3		 2024-07-19 -
2024-12-31		 5 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.api.osano.com
Amazon RSA 2048 M03		 2023-09-27 -
2024-10-25		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
accessibilityserver.org
Amazon RSA 2048 M03		 2023-10-07 -
2024-11-03		 a year crt.sh
1667503734.rsc.cdn77.org
E5		 2024-07-16 -
2024-10-14		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
1784939676.rsc.cdn77.org
R3		 2024-05-31 -
2024-08-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.primeres.com/gbranigan
Frame ID: F6871045B04ADC7F2C2C1D778AFF8713
Requests: 57 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/v6egq2kd9k
Frame ID: 4C75D2F2E4E63CE6AD8F332EEF7CC6AF
Requests: 1 HTTP requests in this frame

Frame: https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 2A6500E47A219E4788C3D1525B81C749
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=kwmv6cwp33eq
Frame ID: BD2BBD5C7F61E186BFF8F9C95C756977
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mortgage Lender in Prairieville LA | Primary Residential Mortgage

Page URL History Show full URLs

  1. https://www.georgebranigan.com/ HTTP 301
    https://www.primeres.com/gbranigan Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

63
Requests

90 %
HTTPS

55 %
IPv6

14
Domains

20
Subdomains

22
IPs

2
Countries

1079 kB
Transfer

3491 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.georgebranigan.com/ HTTP 301
    https://www.primeres.com/gbranigan Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gbranigan
www.primeres.com/
Redirect Chain
  • https://www.georgebranigan.com/
  • https://www.primeres.com/gbranigan
35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0505a8c92aa031b39934c60269132d20d96b985d494e29273d7f75a3089fa088

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8abffdd5ff9a336d-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 19:28:28 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6J7%2FtQ4BEcN2DxMy1NghyJx%2BuCjP728nDMHHVmv1lOpGrXrdxiuqAax4uAFbWLneYEZck5JNe9ZFkigpkkSLCJTQ098Nm34cDhyHS9OcTCOoH2CVy6eUcBx3cDm18xGYR9xOnGcuhfcZdaBJfXM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

Connection
close
Content-Length
69
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 19:28:26 GMT
Location
https://www.primeres.com/gbranigan
Server
ip-10-123-124-225.ec2.internal
Vary
Accept-Encoding
X-Request-Id
546d8bb5-ba1a-4c16-9a80-52497f8a7689
main.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-b/ 		209 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-b/main.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b8430873e24e9554a14cd72b2f424ac5be80f8c6f72853b0e89165338f7ce92a

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 May 2024 22:52:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1229573
etag
"28594779aa1da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3n7b74bswiMj%2FKS6zLKW%2F8wAMoIBJlTfizeT9OyHJsZHZjwkb%2ByNbxOMC0dHvHTRuXI%2F4qIHovp6ajCeXx9vOxvqDcvsuM8skKfN%2B2GQnTmWLYqjrPM58Go3q4Cao2pwszCzcJ3Zm72h7iGp%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
8abffde07fc5336d-MIA
osano.js
cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/ 		245 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:fc00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
038df4179efc2c96eb6b561769233ccfc027ae91de8b8a71f70d2d517996d8e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 12:07:01 GMT
content-encoding
br
via
1.1 71c1b7cb74a6a3840a4f2be73ffddc84.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P2
age
26487
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61880
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 25 Apr 2023 20:14:08 GMT
server
CloudFront
etag
"fb8991e36ccb56fc65ed73438f501c15"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
yzjGsGStrA09feSi877Rii6CPUVgDwFznCHEu5KIDryKeiMCk6IXRg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 20:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Jul 2025 20:59:53 GMT
js
www.googletagmanager.com/gtag/ 		209 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-130576779-2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d222095e8aeeb98c61616a8ad3894c9890646da3cb82638bb08a5b9420bc6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76625
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 18:16:29 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 19:28:28 GMT
ScriptResource.axd
www.primeres.com/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 30 Jul 2024 17:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrjpEdxzZi8t4XoPZgmLR4GgDYd51ksSP8KEBTLeBHOK%2By5ILDJdBAdo%2Bdh0rdmugYXyRogOwjRVeOVMsKu37S%2FsEW1FaKuXxrC62A7qnmWKGnfo7t8JeqKIIvnfLiXwxWY%2FTOAQ1tjvq6I%2F%2Fq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
8abffde07fc9336d-MIA
content-length
39727
expires
Wed, 30 Jul 2025 17:46:37 GMT
ScriptResource.axd
www.primeres.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESC_qUolZwo1n3vj1YFHzD3XOGiz_tRVofSTf8VnvS1QxJ_R5aqcQA06ycwgEy04IbyYldtdt9K8GKTZqlUPe3d9y_KA1Ig1w5LHMyOrTTItxE1wXGq56h-coINekOFT0HiDSlsSVgHzyA2BvbNdn-mfCikSuSmXBRm8HQVMbUwOb0&t=a366992
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 30 Jul 2024 17:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yttnpd%2BU6d6d7AdLJOkd%2FCuMfnOwmBTZHyMhdHf8QEpKd8A%2F%2F39oqDVF2r2vd%2B81hA3bp0a6p0l5X4zpOOtxCMQeDS8NzVUeWGNomkIDotoqUUPVj3cRXVMx4iKw2%2FghVsywdVYgdAy20zl5uy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
8abffde07fca336d-MIA
content-length
3834
expires
Wed, 30 Jul 2025 17:46:37 GMT
api.js
www.google.com/recaptcha/ 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
GSE /
Resource Hash
04c5b10f5bbed9c33b866617af4f89fe29c09a456405864a8f160f8b65f16d5d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 31 Jul 2024 19:28:28 GMT
george-branigan-headshot.jpg
www.primeres.com/images/librariesprovider475/default-album/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/george-branigan-headshot.jpg?sfvrsn=294aa23a_0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
669070c1ba2addb9a3602cb7b58a58685d1192f665928a9ed34f4b66a1fbc079

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=george-branigan-headshot.jpg
content-length
23553
pragma
no-cache
last-modified
Wed, 31 Jul 2024 19:28:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vg5ft0gIwzauBd4HRO%2Brx563DixhQahcnnpfEyrdLyD0jMFEsHOj5XXOZc8WQmOypRaCTDHl5xHwd27hd%2BazSsTdtAPB3v%2FHVWgIqwSEsQ%2FN%2BhycL99bDbzQa30wGlA0ha5%2F9dH%2Faj5dtFIaIIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8abffde07fcc336d-MIA
expires
-1
mortgage-calculator-icon.svg
www.primeres.com/images/librariesprovider475/default-album/ 		666 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/mortgage-calculator-icon.svg?sfvrsn=7275c435_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5322c8709f5e2ee6da55b3427bf88893cfc8a3f4723ee7a86c8a9de3c327d21

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=mortgage-calculator-icon.svg
pragma
no-cache
last-modified
Wed, 31 Jul 2024 19:28:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zLsCi%2F2iFK0btLUaZ%2FPD51gZG54KAqSE%2B%2FSqN7Rc09NBaJDPL83q78TDJSENhULNfUJguEHpf51L9YrdOhRlki7vNRomm2%2BSwjvhbIVdarf3ytTMcO7iaCgB4AvnrlBtM%2Fo55MhuvZq6FwT%2FNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8abffde07fcf336d-MIA
expires
-1
home-icon.svg
www.primeres.com/images/librariesprovider475/default-album/ 		676 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/home-icon.svg?sfvrsn=c2e3c25d_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5e7078da063e0a04a0021b018d637abf4a091190e604b3e858ae406d8316d83

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=home-icon.svg
pragma
no-cache
last-modified
Wed, 31 Jul 2024 19:28:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9njSLYmcC0U4YBH0ckZzIEV8OkBsRQqFNU9bKcgBSHFNneoiZLPFh58L84N9st4qeZDoOfHoP4hrx%2B3vNVdIgU2X8MQFrSkRFTkp9nOSH3jUA9jpimV%2FSbR0K1icscUNlvgGBvcMhxsaThUCYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8abffde32cfd336d-MIA
expires
-1
email-decode.min.js
www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2024 16:35:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"669fdbbe-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvQEBXZ1GG2ZA%2BodLtY4ccQaAunvHK8FKXjxUlv1qD2nj%2BabN7gLLqiZQRWvNDQvyISGN7jbe0IQHzMorJYlNyq%2FFhLCErHGwkYrNyZnTpAGtphpJwIShUooMph%2BmJIzxIYMHOPUT8lw%2Bn%2B15VM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8abffde33d15336d-MIA
expires
Fri, 02 Aug 2024 19:28:28 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
681988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhzQHV%2Fgg88uXeAj1esCRbfO%2BaQ5XKQcQHp2ZtfcH6LwL2uYSwpymN504NtJx0uFdcvFoeOPwk2q65Oi2P0XXJiFqmg5qq%2BoWStjARCgvJs5WmnXRnLd6w%2BUYSkYLzv5rnEsM9Lp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8abffde3bf137431-MIA
expires
Mon, 21 Jul 2025 19:28:28 GMT
all.min.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon&v=NDMyOTQwNjQx
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
72533
x-powered-by
ASP.NET
content-length
32145
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AgaMJlzE%2FrtEQCdYqvXEOBMLmLEtG6gvBkwUtsbumOIe41Mf2ls7JT9M%2Fm4uvf3obFFBeH9pTaKB9wYbdiKDJesElPAq3kalCHYkDxh04SbOgXRnW96rDPMP7pVHJ%2FN2nGAjMiZUB%2BMRQuVi9MA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8abffde36d55336d-MIA
expires
Tue, 06 Aug 2024 23:19:35 GMT
text-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/text-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c5581746eabab90e67779987d5d9696811fc377604e490fbd3457898d26dfa8

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
20450
x-powered-by
ASP.NET
content-length
1240
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yg06DzyrPCNE%2F6F6UUQuqwb0meqkPZKCFn3pB5YEXazobtjNAasNIr8hVmoMgxppJmccJuwhE9cOZNlI2N1tnVITOEZ9vYEQpn2vxNlgB35NMCImFSxWZuvyR%2BtQ%2F9buJkLO52VWYUPQ3iyMHVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8abffde36d58336d-MIA
expires
Wed, 07 Aug 2024 13:47:38 GMT
paragraph-text-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/paragraph-text-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
221d55c08e2763b2759f58f7224bf3ef60951851393f1d68533089fdb29edc9b

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
20450
x-powered-by
ASP.NET
content-length
1116
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99rgioxwZamDN%2Bx1erRQ9dOw9imD8hF%2BT4r753Jm1Sn27XjDHlfXoM5mG5fdZA8Q4SbwYvLPQjZ3gkrbPb8AUpBwRGwxpO%2BJrZeUzFaSuY%2B05wQLDHURBWAK0SZQoIG56dK88pzv5HPUbOB5z%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8abffde36d5c336d-MIA
expires
Wed, 07 Aug 2024 13:47:38 GMT
checkboxes-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/checkboxes-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
278941e3db0ce75a5270d1efe562131453a2394b021de7e35dabecb2405636f2

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
20449
x-powered-by
ASP.NET
content-length
1485
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcKD6WZR4c%2BRnwCxOHj%2FDXndb5byURhIVpnyClqh%2FQSeDCFMro8aivK53jGREjRgm8AQ6EA7hXATdUSOSlvy45MB6IeXVU1jM042szr%2Fpk4ttskbwaT6P8VgZB1S75R2sFO%2FYMRvN2HK61Z67a8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8abffde36d60336d-MIA
expires
Wed, 07 Aug 2024 13:47:38 GMT
submit-button.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/submit-button.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
36073aa5b4384448b2c162f08124cc5cf1629bf425af43f21340667fc3a0b93e

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
20449
x-powered-by
ASP.NET
content-length
998
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKADqEPz72mxQwPj%2F0zzeHuLqt0lORaKU8GUiGI2LWr02QPOJKWnD22lA6cruw1xOn8Vh2YcQZD8o82gBFvZdxFWDlVDV3jS7SHLEL%2BYz38Lm9lcLtuvY74TOPV4Hhy5NjrSN9ZzHPVJqtsaElM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8abffde36d62336d-MIA
expires
Wed, 07 Aug 2024 13:47:39 GMT
utm-campaign.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/utm-campaign.js?package=Talon&v=LTc3MTA1MzcxNA%3d%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
3303
x-powered-by
ASP.NET
content-length
1638
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vK381FKbTuo40MEqbflLhY2R1lrfJkfpBjC%2BeM%2FilPkXdIvivRBjgeOqrSjSG9%2FzoitxrCqPJBe25ItKyghNHiwP4Bv5OTYkkVu0RiLtT1U6OjiD2vyZKeqc1ExFu8hg%2FPk1yQOqmtiTQhOvOOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8abffde36d63336d-MIA
expires
Wed, 07 Aug 2024 18:33:25 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-b/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84db9cfb2c723edcb60b031cb2864d049110ebd06e33ce5a59d6d51587285643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 19:28:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 19:28:28 GMT
record
consent.api.osano.com/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-80.iad89.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
via
1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-amzn-trace-id
Root=1-66aa905c-75e3db917c46615a1c7148d5
x-amzn-requestid
3b0942d4-50a8-4081-985f-bbc7f6c5ebb4
x-cache
Miss from cloudfront
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id
byt-jGRYIAMERDA=
x-amz-cf-id
fnrQderwhcWSqR8B-ruG51XT5SCv6EFN-6e2VPgSY9K--_PChw33GQ==
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-80.iad89.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.primeres.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 31 Jul 2024 19:28:28 GMT
via
1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
x-amz-apigw-id
byt-jGWnIAMEu1g=
x-amz-cf-id
PSPFfDPPsRfy_MkoPqI4L9BgdYyFkbRW2KXhpWscuvPskaaR14F8ug==
x-amz-cf-pop
IAD89-P1
x-amzn-requestid
1e417b01-6726-4db8-b673-9d1b3e7f7dcc
x-cache
Miss from cloudfront
fb1d0dbc-a567-4966-8a49-30d7295122a7
https://www.primeres.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.primeres.com/fb1d0dbc-a567-4966-8a49-30d7295122a7
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
hotjar-1983834.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1983834.js?sv=6
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-49.iad55.r.cloudfront.net
Software
/
Resource Hash
7bb9d7507cb4726de5da98120b69ec0b2af548cfe33fc43823b41f2f67b3d096
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 31 Jul 2024 19:28:15 GMT
via
1.1 69d1fa5e076e71f2d4b957dec774cb8a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
13
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/d24827713406471ae3fece4886df22c2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
c7gJqP86FmSMwSNzqixMM-FY6gDVm8otEGymL9yHvBBvIvmPbf6M0Q==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 		531 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__en.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1d667d61bb50e0a815101a7d0d7f379b7219776fee856eedbe965a049db8d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 16:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215075
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Jul 2025 16:00:18 GMT
svgs.svg
www.primeres.com/ResourcePackages/Talon/assets/svg/ 		45 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/svg/svgs.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f61df1f1f30082d6ca1072c900157805b81556305b529da4c39be88a60def1ac

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 May 2024 20:55:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1817561
etag
W/"7a275c8aa1da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ihJ%2F3GavdN4qrTza9uq%2BVJ2bwnAGG9aIzgb%2BgPkAdWAfRh4wx672mP%2B65Ul%2Bs0ntXvdzgoIlenFW1RpNtMvpp6cktTO0lIlPeJTiYkhA0amjCg1OuTYKtDnxtU6dXer7qM1qQp9NXjAeqcYdefc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
8abffde3fe20336d-MIA
v6egq2kd9k
fast.wistia.net/embed/iframe/ Frame 4C75 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/embed/iframe/v6egq2kd9k
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9535
cache-control
public, no-cache
content-encoding
br
content-length
3327
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 19:28:28 GMT
etag
W/"68b49f05c8a9ab9ad6f39595ab73b7a2"
server
envoy
strict-transport-security
max-age=0
timing-allow-origin
*
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via
1.1 9c90b41a9e5ac2856624d29ed4da4234.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
Z8Jth2l1VVRWxYrVS4ArLJNdxeIlG2uCR8tXYcCFt_9-PdovQ--8Tg==
x-amz-cf-pop
IAD89-C3
x-browser
chrome
x-browser-version
127
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
28, 0
x-content-type-options
nosniff
x-ecma-v
modern
x-envoy-upstream-service-time
105
x-permitted-cross-domain-policies
none
x-request-id
97de1cfa-5e20-414e-9274-bb18ee6c3ab4
x-runtime
0.102956
x-served-by
cache-iad-kjyo7100131-IAD, cache-mia-kmia1760033-MIA
x-timer
S1722454109.878529,VS0,VE1
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 12:05:30 GMT
x-content-type-options
nosniff
age
372179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Jul 2025 12:05:30 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 10:36:07 GMT
x-content-type-options
nosniff
age
377542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Jul 2025 10:36:07 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 13:26:13 GMT
x-content-type-options
nosniff
age
367336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Jul 2025 13:26:13 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:29 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
617249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JP1Hga%2BF6Ehzq56RHBlhl8Vcyz0OwtGRuvxOF1aBWiGDAWB6BXReUySyCR8xpq5kXsHCbc2LSql%2FPtpImgHvG09G7OF2FarsBvwmOI5BQDfFiUhsEoHbs0fbuok47lHjR3cCC8kt"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8abffde56db474be-MIA
expires
Mon, 21 Jul 2025 19:28:29 GMT
mortgage-calculator-icon.svg
www.primeres.com/images/librariesprovider475/default-album/ 		666 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/mortgage-calculator-icon.svg?sfvrsn=7275c435_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5322c8709f5e2ee6da55b3427bf88893cfc8a3f4723ee7a86c8a9de3c327d21

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.primeres.com/gbranigan
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:29 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=mortgage-calculator-icon.svg
pragma
no-cache
last-modified
Wed, 31 Jul 2024 19:28:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4OZVMW36WsvHX4RJLJxpD%2Bvfmd%2BXTJpGp9Io9PJ%2FCVZ0xwOcfemRvOKMgyVfUG6BkwPEpBFRhvPGSrorxRUs7cuH6WQZllBHMV26GoJXXde4F4FinYqRn7xWtV8V2Ltyn6oxUGVbjuptAs%2Bezs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8abffde51fe7336d-MIA
expires
-1
home-icon.svg
www.primeres.com/images/librariesprovider475/default-album/ 		676 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/home-icon.svg?sfvrsn=c2e3c25d_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5e7078da063e0a04a0021b018d637abf4a091190e604b3e858ae406d8316d83

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.primeres.com/gbranigan
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:29 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=home-icon.svg
pragma
no-cache
last-modified
Wed, 31 Jul 2024 19:28:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DiwdcoH%2BMU1iFP01agPctVsOIzc7K6K5jLZTKRmbLNt3egV5tIQKXHIIa6%2B41MP8dJkK37iQLU49Tz2SjlD60CKWa4oJcrnAuSesARcyyJW7V4EAUZPP8GMw3JAKltXeCP%2FJIU%2FYwM99bYxG%2BWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8abffde56866336d-MIA
expires
-1
widget.js
accessibilityserver.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accessibilityserver.org/widget.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-14.iad89.r.cloudfront.net
Software
CDN77-Turbo /
Resource Hash
3b616977793b2e6a5bfcf5a9b4a057501f8411543909c0de082bee347f911f72

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:22:22 GMT
via
1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront), 1.1 48c70f7a0c91fc5e8cb64d6c71ad9826.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7, IAD89-C2
x-accel-date-max
1722427076
x-amz-server-side-encryption
AES256
age
993
x-77-cache
HIT
x-cache
Hit from cloudfront
x-age
2090
x-accel-date
1722440840
x-77-nzt
EgwBWbuxDwH3KggAAAwBuTvfFAH3AAAAAA
x-77-age
2090
last-modified
Wed, 31 Jul 2024 11:31:59 GMT
server
CDN77-Turbo
x-77-nzt-ray
49be140869dd1cd9b264aa661a5c0a02
etag
W/"981232907e900b721f23e80e309bba08"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
1EYq4WqzDpY1PGzZreP0AO9QkufQKHa8Och357iuDJZvRfRIncyyhw==
da177a63-5179-48b9-8b09-a363f1591781
https://www.primeres.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.primeres.com/da177a63-5179-48b9-8b09-a363f1591781
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
main.js
www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame 2A65
Redirect Chain
  • https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0651e0bf07d82bd2312d048c4b9fefa9aa548dd34e0a6d1cac23cc0961a5f34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NaQLw6wAPIvUaiodZCC%2BK%2B1ZcYU9JsWjN4gvCYF%2BoVSf9wM149mVv3SidAjfWmc8AcxtSEDZqM3bb9AnJ3lSIzJHYp8inK%2FsTTfZffwf0iTu6vLhy08JKZSE%2BxNgP4qTYF8P2fgl8Xpc3Vg7f9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8abffde7bbe9336d-MIA

Redirect headers

date
Wed, 31 Jul 2024 19:28:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FKZzs73PTAr2s8HXkSF2o1E87hxsgPxlzNUOS820a6Xyw%2FR1%2FSdbtu4X21UsxyBWFFfLWuQRalfuY4kaP%2FHJfvhgfBIfxI5f7kCePibqQVPZMBeW7zYc2%2BWjYiJw%2FuBG886S86hIKB9J4acCvo%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8abffde70aea336d-MIA
content-length
0
td
www.googletagmanager.com/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=UA-130576779-2&v=3&t=t&pid=378659135&dl=www.primeres.com%2Fgbranigan&tdp=UA-130576779-2;;0;0;0&frm=0&z=0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 19:28:29 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8060e547-ca5e-46ae-b05f-8c9f3ea71fdc
https://www.primeres.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.primeres.com/8060e547-ca5e-46ae-b05f-8c9f3ea71fdc
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
051df7ab-d4cc-4673-99a4-b2d59960ecf3
https://www.primeres.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.primeres.com/051df7ab-d4cc-4673-99a4-b2d59960ecf3
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
widget_app_base_1722425342139.js
cdn.userway.org/widgetapp/2024-07-31-11-29-02/ 		154 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
26835671b09cb272210697dbfd833cb17492a94f625a659c643465040ba4e3ac

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:29 GMT
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
11
x-amz-server-side-encryption
AES256
x-accel-date-max
1722443247
x-77-cache
HIT
x-cache
HIT
x-age
10862
x-accel-date
1722443247
x-77-nzt
EgwBnJIkFgH3bioAAAwBnJI76AH3AwAAAA
x-accel-expires
@1748363244
x-77-age
10862
last-modified
Wed, 31 Jul 2024 11:31:47 GMT
server
CDN77-Turbo
etag
W/"b10e0cd337ce5a601c01acc55ae16f82"
x-77-nzt-ray
1e192d0801bb93985d90aa6650b99827
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
XMr66HqOoABzw5SZSN7GXnWzRUzJ2LyhAs4U-_hmM1zkny4frjSDZw==
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-41.iad89.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 8ba3a4becb51f8eb807e5e3697846e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
104723
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
SYMAwzAyvKkZaQ_YPwD8I-3SmdnzSzIT7KYy_KD9Ijlxl_VAR1HLoQ==
anchor
www.google.com/recaptcha/api2/ Frame BD2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=kwmv6cwp33eq
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f99.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fi1i1QaDpzepx6gMi5mrcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.primeres.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Fi1i1QaDpzepx6gMi5mrcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 19:28:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
8abffdd5ff9a336d
www.primeres.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2A65 		0
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/cdn-cgi/challenge-platform/h/b/jsd/r/8abffdd5ff9a336d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Jul 2024 19:28:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8abffdea4818336d-MIA
content-length
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kL808CHmXHG7HAVtHW5PtjxnyLovAtgkGlGwLVRSvlKxYz0BnjgQYOSy8FT7Fc7%2FkU6xXX8hI%2BjSS%2FvzCUYpLMOIAUvjrYklvChBwZ05FDcVE1XQiQK06MVuJUkHVnjYRyDzjIoKyF8WxgoLw%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		250 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSXTQ54QKJ&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
de0d9789e7059b1e0983e53313ab135da9dabee8ab96f06bfd81050bf13525ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90223
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 19:28:29 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 Jul 2024 17:51:20 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5829
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 31 Jul 2024 19:51:20 GMT
5E0vL5lD6Y
api.userway.org/api/tunings/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/5E0vL5lD6Y
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:6e05:a00:46e2:352d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
760cd786798fd0cf966a6538ea55005fe5cd70e9019b4b69f41f5c715aacbf76

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Jul 2024 19:28:30 GMT
etag
W/"771-S+XJ5Qlp/mJA4VhhMeIQdjfBYdA"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr9843033ba9d540e
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
1905
x-service-version
uw-pr
1983834
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1983834?s=0.25&r=0.054640227403845776
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-82.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Jul 2024 19:28:30 GMT
cache-control
no-store
via
1.1 aadc36bc93844687d7ba70137223bc20.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
x-amz-cf-id
uMSbkydMfcYzb0APEo0G9tMqqqyPx1bU0OuZ1ARtzm6jKCa8CwkSLQ==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TSXTQ54QKJ&gtm=45je47v0h2v9107853244za200&_p=1722454108691&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=2079880090.1722454110&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1722454110&sct=1&seg=0&dl=https%3A%2F%2Fwww.primeres.com%2Fgbranigan&dt=Mortgage%20Lender%20in%20Prairieville%20LA%20%7C%20Primary%20Residential%20Mortgage&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSXTQ54QKJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 19:28:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.primeres.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=104052472&t=pageview&_s=1&dl=https%3A%2F%2Fwww.primeres.com%2Fgbranigan&ul=en-us&de=UTF-8&dt=Mortgage%20Lender%20in%20Prairieville%20LA%20%7C%20Primary%20Residential%20Mortgage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1378936740&gjid=881253569&cid=2079880090.1722454110&tid=UA-130576779-2&_gid=47346503.1722454110&_r=1&gtm=457e47t0za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&jsscut=1&z=707936647
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 19:28:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.primeres.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
en-US.json
cdn.userway.org/widgetapp/2024-07-31-11-29-02/locales/ 		607 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:30 GMT
via
1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
11
x-amz-server-side-encryption
AES256
x-accel-date-max
1722443247
x-77-cache
HIT
x-cache
HIT
x-age
10863
x-accel-date
1722443247
x-77-nzt
EgwBnJIkFgH3byoAAAwBnJI76AH3AwAAAA
x-accel-expires
@1748363244
x-77-age
10863
last-modified
Wed, 31 Jul 2024 11:31:46 GMT
server
CDN77-Turbo
etag
W/"971644f50e2020e1ff22e37edcad46f6"
x-77-nzt-ray
1e192d0801bb93985e90aa6610e25116
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
Ny3WxtEmhnD3tYpQZ3dQmpom20t-TvdpFpmw9d7cEopLkoEafm1NmA==
remediation_1722425342139.js
cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/remediation_1722425342139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fa0d663c9e166621bf83e4f905d75cce53bada3c260a641d21636005008936d5

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:30 GMT
via
1.1 16af463a01c5a83f3019835cbbb82152.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
x-accel-date-max
1722443234
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
10863
x-accel-date
1722443247
x-77-nzt
EgwBnJIkFgH3byoAAAwBuTvfFAH3DQAAAA
x-accel-expires
@1748363234
x-77-age
10863
last-modified
Wed, 31 Jul 2024 11:31:46 GMT
server
CDN77-Turbo
etag
W/"d7ecd038f6bc817196bcad8e2e0c8541"
x-77-nzt-ray
1e192d0801bb93985e90aa6623ff8534
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
pGB2pooseenldeVx3kuNYHuiQl3N0U8QL_4Cr0bRoexiVjrFpkcE3w==
UbggTqd8a65nX07E.json
cdn.userway.org/remediations/consolidated/1430254/ 		399 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/1430254/UbggTqd8a65nX07E.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5b39b5567d37bc2a413549d474a7d4754d9d1383219b57739ac81f0dc51557a2

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:30 GMT
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
51
x-amz-server-side-encryption
AES256
x-accel-date-max
1722446372
x-77-cache
HIT
x-cache
HIT
x-age
7738
x-accel-date
1722446372
x-77-nzt
EgwBnJIkFgH3Oh4AAAwBnJI73wH3AAwAAA
x-accel-expires
@1753979300
x-77-age
7738
last-modified
Thu, 11 Jul 2024 18:07:38 GMT
server
CDN77-Turbo
etag
W/"0898e13eef3c155fe2c282fffe798fb5"
x-77-nzt-ray
1e192d0801bb93985e90aa66894a9234
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
7KcRgpHGgZ-LQkKcz67MMPTvPtXuMI5mXJfQaDDZafOrvtZ2CAIGAw==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:31 GMT
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
5
x-amz-server-side-encryption
AES256
x-accel-date-max
1722443247
x-77-cache
HIT
x-cache
HIT
x-age
10864
x-accel-date
1722443247
x-77-nzt
EgwBnJIkFgH3cCoAAAwBnJI74gH3CAAAAA
x-accel-expires
@1748363239
x-77-age
10864
last-modified
Wed, 31 Jul 2024 11:31:48 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
1e192d0801bbb4c15f90aa66302c9e03
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
VgEt23c_ky0bWfVUKrFD2F2GAITsqbPHrd8pJRBarexnVDbjwKsXFw==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:31 GMT
via
1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
188
x-amz-server-side-encryption
AES256
x-accel-date-max
1722443247
x-77-cache
HIT
x-cache
HIT
x-age
10864
x-accel-date
1722443247
x-77-nzt
EgwBnJIkFgH3cCoAAAwBnJI73wH3BAAAAA
x-accel-expires
@1748363243
x-77-age
10864
last-modified
Wed, 31 Jul 2024 11:31:48 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
1e192d0801bbb4c15f90aa6668ffa603
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
bIL4ijdBiwpemdl21PIoOJHMNDWpHwKe-GuH_iYpLQtou1hBvYogBA==
remediation-tool.js
cdn.userway.org/remediation/2024-07-31-11-29-02/paid/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a50caa9d7b5c56e653092ef883ed10009368c29a45c51ce6b2949148aaddae31

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:30 GMT
via
1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
6
x-amz-server-side-encryption
AES256
x-accel-date-max
1722443247
x-77-cache
HIT
x-cache
HIT
x-age
10863
x-accel-date
1722443247
x-77-nzt
EgwBnJIkFgH3byoAAAwBnJI74gH3CAAAAA
x-accel-expires
@1748363239
x-77-age
10863
last-modified
Wed, 31 Jul 2024 11:31:56 GMT
server
CDN77-Turbo
etag
W/"0cdc4007a716dd908e23185f49da688a"
x-77-nzt-ray
1e192d0801bb93985e90aa66ad5ca13a
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
mBV1QpYRS_KAvvGtJq7W1bnIWUuwxpN253z7uOt2Wstam9P1R-F4NQ==
UbggTqd8a65nX07E.json
cdn.userway.org/remediations/consolidated/1430254/ 		399 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/1430254/UbggTqd8a65nX07E.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5b39b5567d37bc2a413549d474a7d4754d9d1383219b57739ac81f0dc51557a2

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:30 GMT
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
51
x-amz-server-side-encryption
AES256
x-accel-date-max
1722446372
x-77-cache
HIT
x-cache
HIT
x-age
7738
x-accel-date
1722446372
x-77-nzt
EgwBnJIkFgH3Oh4AAAwBnJI73wH3AAwAAA
x-accel-expires
@1753979300
x-77-age
7738
last-modified
Thu, 11 Jul 2024 18:07:38 GMT
server
CDN77-Turbo
etag
W/"0898e13eef3c155fe2c282fffe798fb5"
x-77-nzt-ray
1e192d0801bb93985e90aa66894a9234
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
7KcRgpHGgZ-LQkKcz67MMPTvPtXuMI5mXJfQaDDZafOrvtZ2CAIGAw==
favicon.ico
www.primeres.com/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
122e4cb93b991803fb2dc9b3dac4e39738eeb508574409a7da359be0ec6374b0

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 19:32:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
346963
etag
W/"d3764b9637cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sj3%2B8MyTaWqdw3mjMG44yFi4qP%2ByHOFmBFLrO2vwV0v3cnzllelUc8WoWLgD5dvV6QJIcRCuwW3vE7eY5%2Bp8j3cmBgEh1cZt3GerRsZqtUCW4gp3Bk627H8HJbpXSseXFmAf%2Fq8KBywkPlDSK4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=2678400
cf-ray
8abffdf2fdd1336d-MIA
nav_menu_helper_1722425342139.js
cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/nav_menu_helper_1722425342139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:31 GMT
via
1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
JFK50-P7
age
6
x-amz-server-side-encryption
AES256
x-accel-date-max
1722443247
x-77-cache
HIT
x-cache
HIT
x-age
10864
x-accel-date
1722443247
x-77-nzt
EgwBnJIkFgH3cCoAAAwBnJI74gH3CAAAAA
x-accel-expires
@1748363239
x-77-age
10864
last-modified
Wed, 31 Jul 2024 11:31:46 GMT
server
CDN77-Turbo
etag
W/"d5babf1f477d0f7bf4044b0693b956d9"
x-77-nzt-ray
1e192d0801bb93985f90aa66ec2d8b3a
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
xJO14udXcvLpYjB-fY8hbxqcWe_9B8Ol504d6puIo5EzxLl9V4YysQ==
alts.json
cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/ 		279 B
788 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fimages%2Flibrariesprovider475%2Fdefault-album%2Fgeorge-branigan-headshot.jpg%22%2C%22alt%22%3A%22George-Branigan-Headshot%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fgbranigan%22%7D
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dd1841e4aa6f7d9981e4f7a6aaaa88da9635c623017c802bade191153124c645

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-77-pop
newyorkUSNY
date
Wed, 31 Jul 2024 19:28:33 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
MISS
x-accel-date
1722285640
x-service-version
img-dscr-srv-0cf7bb5a
x-77-nzt
EggBWbuxDwFBDAGckjviAdcZkgIA
x-accel-expires
@1722890440
x-77-age
168473
server
CDN77-Turbo
etag
W/"117-S2FvrcBYRKwLMYdUXZvtc9QtvAw"
x-77-nzt-ray
49be14082fd3a4196190aa6696625901
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=604800
vary
Accept-Encoding
access-control-allow-headers
*
alts.json
cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fimages%2Flibrariesprovider475%2Fdefault-album%2Fgeorge-branigan-headshot.jpg%22%2C%22alt%22%3A%22George-Branigan-Headshot%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fgbranigan%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.primeres.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
max-age=604800
date
Wed, 31 Jul 2024 19:28:32 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
EggBWbuxDwAACAGckjviAAA
x-77-nzt-ray
49be14082fd3a4196090aa662fff9033
x-77-pop
newyorkUSNY
x-service-version
img-dscr-srv-0cf7bb5a
1430254
api.userway.org/api/br-links/v0/contribute/ 		51 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/contribute/1430254
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:6e05:a00:46e2:352d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:33 GMT
etag
W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
51
x-service-version
apps-ddb67952
1430254
api.userway.org/api/br-links/v0/links/ 		340 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/links/1430254
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:6e05:a00:46e2:352d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
15a767d28dc45cba1cd0c2f8c8076f04f0ecc6de96ee407ec7763dcf0520d5f0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 19:28:33 GMT
etag
W/"154-Cy8rl1xud9WzVP6xnGUy09koRV0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=300, public
vary
Accept-Encoding
access-control-allow-headers
*
content-length
340
x-service-version
apps-ddb67952
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.primeres.com%2Fgbranigan/DESKTOP/WIDGET_ON/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.userway.org
URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.primeres.com%2Fgbranigan/DESKTOP/WIDGET_ON/status

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| Osano function| __uspapi function| $ function| jQuery function| gtag object| dataLayer function| hj object| _hjSettings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit function| _typeof object| talonUtil function| getParameterByName function| addParametersToUrl function| addParametersToUrlFromConfig function| paramReplace function| getConfigValue function| addUtmParametersOnLinks function| addUtmParametersFromConfigOnLinks object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager object| google_tag_data object| litHtmlVersions string| GoogleAnalyticsObject function| ga object| UserWayWidgetApp object| recaptcha object| closure_lm_237601 function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| gaGlobal object| gaplugins object| gaData object| UserWay function| __awaiter function| __generator function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| runMenuRemediationScript

14 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AA5Y-DKbt28VEB5dcIHfPcLKCP1DFoCOFN6rl3NniZB9mFK34qYkcR6HxqNfXMZkcDu6ooaoz5jTOuHLiHi0wYg
www.primeres.com/ Name: ApplicationGatewayAffinityCORS
Value: 4384ddf579a3af9775766d82fb10918a
www.primeres.com/ Name: ApplicationGatewayAffinity
Value: 4384ddf579a3af9775766d82fb10918a
.www.primeres.com/ Name: ARRAffinity
Value: bca044f3f2a7c22ab74af05e7a624a676b298b912833eb44ae7db863d885fa4a
.www.primeres.com/ Name: ARRAffinitySameSite
Value: bca044f3f2a7c22ab74af05e7a624a676b298b912833eb44ae7db863d885fa4a
.primeres.com/ Name: osano_consentmanager_uuid
Value: 83e59c8b-0e8c-406b-aca0-3fa763816717
.primeres.com/ Name: osano_consentmanager
Value: uvx-cY2u_aGBeK_1OrqbHkhFoA09ko7s2kICU0W-N-D8qjK87fYlfgRn2N-V6bR1KyV5GdfVXSxg5LXTbXDJceTfw-gVSB7n2z4IhSxUkMIJpo9QyO0vtc6bHXFLE4hhqv2LfvBOD8hQ1Sams8oM_flD05pA_cjJp8_b64YqpUnHK5iBH0rjTDbqaAZOgPBzxMyLAmDon8nHFpfoStJUqkpHh0mS72EQ2zP_ha2cNP9dXft0mypSbpqlcid8ozoyO-t8NcV0Ajsx9msWKu_Ti-Pw2OdgF66_qK4IfA==
.primeres.com/ Name: cf_clearance
Value: LwugzORwKzwzEdk0RJuRn4CWBulQHU2Xtm66bugj.IM-1722454109-1.0.1.1-yB5a_LSuzc0wXlEGLib7RcQCOkHyLAEeyu_GIj6q907QUEA1J0ffBI7qAQ4weQI88KZkrunFg_7JThWzkiu5rA
.primeres.com/ Name: _hjSessionUser_1983834
Value: eyJpZCI6IjZiNDM3YzY1LTQ4MmQtNTg5MS04MGMyLWYzNDBiMjYwMjE4NCIsImNyZWF0ZWQiOjE3MjI0NTQxMDk5ODgsImV4aXN0aW5nIjpmYWxzZX0=
.primeres.com/ Name: _hjSession_1983834
Value: eyJpZCI6IjI5ZTI1MjMyLWIyNzEtNDUxZC1iMjNjLTU2NTVjOGE3MGM3ZiIsImMiOjE3MjI0NTQxMTAwMTgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.primeres.com/ Name: _ga_TSXTQ54QKJ
Value: GS1.1.1722454110.1.0.1722454110.0.0.0
.primeres.com/ Name: _ga
Value: GA1.2.2079880090.1722454110
.primeres.com/ Name: _gid
Value: GA1.2.47346503.1722454110
.primeres.com/ Name: _gat_gtag_UA_130576779_2
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ajax.googleapis.com
api.userway.org
cdn.userway.org
cdn77.api.userway.org
cdnjs.cloudflare.com
cmp.osano.com
consent.api.osano.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.hotjar.com
vc.hotjar.io
www.georgebranigan.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.primeres.com
api.userway.org
104.17.25.14
142.250.31.97
15.197.225.128
172.253.122.104
172.253.122.99
18.160.41.49
18.160.46.82
18.67.65.80
2600:1f14:5db:eb22:6e05:a00:46e2:352d
2600:9000:2509:fc00:3:b7e:8940:93a1
2606:4700:20::681a:6f1
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c21::5f
2a02:6ea0:c400::11
2a02:6ea0:c400::12
2a04:4e42:200::644
99.84.191.14
99.84.191.41
038df4179efc2c96eb6b561769233ccfc027ae91de8b8a71f70d2d517996d8e6
04c5b10f5bbed9c33b866617af4f89fe29c09a456405864a8f160f8b65f16d5d
0505a8c92aa031b39934c60269132d20d96b985d494e29273d7f75a3089fa088
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
122e4cb93b991803fb2dc9b3dac4e39738eeb508574409a7da359be0ec6374b0
15a767d28dc45cba1cd0c2f8c8076f04f0ecc6de96ee407ec7763dcf0520d5f0
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
221d55c08e2763b2759f58f7224bf3ef60951851393f1d68533089fdb29edc9b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26835671b09cb272210697dbfd833cb17492a94f625a659c643465040ba4e3ac
278941e3db0ce75a5270d1efe562131453a2394b021de7e35dabecb2405636f2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c5581746eabab90e67779987d5d9696811fc377604e490fbd3457898d26dfa8
36073aa5b4384448b2c162f08124cc5cf1629bf425af43f21340667fc3a0b93e
3b616977793b2e6a5bfcf5a9b4a057501f8411543909c0de082bee347f911f72
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
5b39b5567d37bc2a413549d474a7d4754d9d1383219b57739ac81f0dc51557a2
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838
669070c1ba2addb9a3602cb7b58a58685d1192f665928a9ed34f4b66a1fbc079
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
760cd786798fd0cf966a6538ea55005fe5cd70e9019b4b69f41f5c715aacbf76
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bb9d7507cb4726de5da98120b69ec0b2af548cfe33fc43823b41f2f67b3d096
7d222095e8aeeb98c61616a8ad3894c9890646da3cb82638bb08a5b9420bc6f9
84db9cfb2c723edcb60b031cb2864d049110ebd06e33ce5a59d6d51587285643
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a50caa9d7b5c56e653092ef883ed10009368c29a45c51ce6b2949148aaddae31
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b8430873e24e9554a14cd72b2f424ac5be80f8c6f72853b0e89165338f7ce92a
c0651e0bf07d82bd2312d048c4b9fefa9aa548dd34e0a6d1cac23cc0961a5f34
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
dd1841e4aa6f7d9981e4f7a6aaaa88da9635c623017c802bade191153124c645
de0d9789e7059b1e0983e53313ab135da9dabee8ab96f06bfd81050bf13525ae
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1d667d61bb50e0a815101a7d0d7f379b7219776fee856eedbe965a049db8d44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5322c8709f5e2ee6da55b3427bf88893cfc8a3f4723ee7a86c8a9de3c327d21
e5e7078da063e0a04a0021b018d637abf4a091190e604b3e858ae406d8316d83
f61df1f1f30082d6ca1072c900157805b81556305b529da4c39be88a60def1ac
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa0d663c9e166621bf83e4f905d75cce53bada3c260a641d21636005008936d5